Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/iMYsLWnUexO4xqpL5dbrqf1MIyY.roa
File: iMYsLWnUexO4xqpL5dbrqf1MIyY.roa (raw, json)
Hash identifier: VuHhtnyIfgp3kbcOSi0V5nTdFpOjV7YIKNEUl5vek3I=
Subject key identifier: 88:C6:2C:2D:69:D4:7B:13:B8:C6:AA:4B:E5:D6:EB:A9:FD:4C:23:26
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 0186979CE11504899705FE97AEA0B03D378A
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/iMYsLWnUexO4xqpL5dbrqf1MIyY.roa
Signing time: Tue 28 Feb 2023 10:41:26 +0000
ROA not before: Tue 28 Feb 2023 10:41:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57536
IP address blocks: 212.7.212.0/24 maxlen: 24
185.107.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:9c:e1:15:04:89:97:05:fe:97:ae:a0:b0:3d:37:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Feb 28 10:41:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88c62c2d69d47b13b8c6aa4be5d6eba9fd4c2326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4a:c7:8f:82:4b:37:54:59:84:8f:c4:88:4c:
02:50:01:72:68:7c:e1:5d:f5:5e:0f:d0:7f:26:2f:
37:1b:9f:c6:a0:62:93:94:05:48:3b:51:8e:6f:85:
00:b9:0a:2f:b3:31:45:b0:86:61:4f:b4:39:4a:f2:
e3:d8:90:fa:26:f8:c1:39:4e:47:51:85:f2:81:47:
41:70:ba:83:45:c8:c5:b4:c1:ea:02:18:e8:74:aa:
6a:2a:a5:9e:80:f7:41:a3:10:b6:75:3e:17:04:c4:
f5:1d:1c:88:5a:ff:ad:94:02:62:55:ab:93:c0:92:
8a:bf:cb:de:be:3a:0b:0c:cb:e7:29:c1:5e:54:6a:
c8:03:33:17:8f:29:c3:75:fa:a9:ec:2d:92:d2:fc:
10:23:51:27:fd:7e:d8:06:9a:d7:17:fa:c2:39:fa:
d5:07:ef:aa:68:32:c7:c5:5d:9a:16:db:7d:bf:85:
31:f7:54:02:f6:fb:a7:df:5b:cb:10:9a:f9:80:4d:
47:a4:27:c2:e6:5d:2b:10:10:97:a3:15:e3:98:ad:
b7:57:90:f5:5f:81:c4:21:45:cc:8d:58:57:ea:c5:
e1:e6:f2:a1:a3:ef:db:1e:35:75:cc:ca:96:2a:83:
91:d0:eb:73:d3:f5:9f:35:2a:16:67:14:30:6b:0d:
8c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C6:2C:2D:69:D4:7B:13:B8:C6:AA:4B:E5:D6:EB:A9:FD:4C:23:26
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/iMYsLWnUexO4xqpL5dbrqf1MIyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.65.0/24
212.7.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:ec:d6:8a:7e:0e:97:55:aa:77:4c:5d:d9:80:1a:c5:72:5c:
4f:d6:48:63:a6:8f:b1:2e:b9:d5:02:8c:4a:58:6a:4d:dd:bc:
77:df:44:45:6c:57:af:25:ac:47:08:be:a5:2f:91:86:5b:d0:
4e:d0:a4:f6:67:ae:d0:ac:87:aa:11:00:a7:f5:72:4b:65:a8:
d1:d4:14:31:09:2b:6a:ee:25:da:22:1a:87:f8:05:5b:f1:ef:
5b:0b:60:8f:5e:ce:f3:99:56:b5:74:6d:7c:88:9e:a9:44:df:
11:63:64:58:21:c4:bc:04:13:b6:3c:04:35:12:6b:7a:2a:4f:
dc:c7:7f:75:fd:aa:71:be:97:5b:4e:3d:61:f7:09:ba:87:f7:
b1:1a:71:76:fd:7a:16:cc:85:e4:37:c8:5f:6d:b5:d6:3e:ff:
fa:b2:3a:d9:44:9e:1f:18:88:bf:af:81:78:6f:9a:f1:2d:79:
16:1a:7c:b8:0d:96:da:51:b2:a1:f7:63:37:7d:6b:9d:7e:df:
3e:a2:77:d4:45:5e:d7:74:27:f6:fe:3d:f1:d4:0e:b2:b6:ff:
e5:c0:3f:75:28:33:85:6f:e7:77:78:e1:6f:ea:81:31:b0:30:
45:57:52:b4:88:bb:92:1e:66:53:43:f7:7d:78:d8:56:fd:29:
49:53:9e:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaXnOEVBImXBf6XrqCwPTeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjMwMjI4MTA0MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM2MmMyZDY5ZDQ3YjEzYjhjNmFhNGJlNWQ2ZWJhOWZkNGMyMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkrHj4JLN1RZhI/EiEwCUAFyaHzh
XfVeD9B/Ji83G5/GoGKTlAVIO1GOb4UAuQovszFFsIZhT7Q5SvLj2JD6JvjBOU5H
UYXygUdBcLqDRcjFtMHqAhjodKpqKqWegPdBoxC2dT4XBMT1HRyIWv+tlAJiVauT
wJKKv8vevjoLDMvnKcFeVGrIAzMXjynDdfqp7C2S0vwQI1En/X7YBprXF/rCOfrV
B++qaDLHxV2aFtt9v4Ux91QC9vun31vLEJr5gE1HpCfC5l0rEBCXoxXjmK23V5D1
X4HEIUXMjVhX6sXh5vKho+/bHjV1zMqWKoOR0Otz0/WfNSoWZxQwaw2MaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIjGLC1p1HsTuMaqS+XW66n9TCMmMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvaU1Zc0xXblVleE80eHFwTDVkYnJxZjFNSXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWtBAwQA
1AfUMA0GCSqGSIb3DQEBCwUAA4IBAQAL7NaKfg6XVap3TF3ZgBrFclxP1khjpo+x
LrnVAoxKWGpN3bx330RFbFevJaxHCL6lL5GGW9BO0KT2Z67QrIeqEQCn9XJLZajR
1BQxCStq7iXaIhqH+AVb8e9bC2CPXs7zmVa1dG18iJ6pRN8RY2RYIcS8BBO2PAQ1
Emt6Kk/cx391/apxvpdbTj1h9wm6h/exGnF2/XoWzIXkN8hfbbXWPv/6sjrZRJ4f
GIi/r4F4b5rxLXkWGny4DZbaUbKh92M3fWudft8+onfURV7XdCf2/j3x1A6ytv/l
wD91KDOFb+d3eOFv6oExsDBFV1K0iLuSHmZTQ/d9eNhW/SlJU55t
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:41:07 2025 by rpki-client